I claim: 



Claims 



1 . A security token comprising: 

a biometric sensor that provides a first bipfnetric key of a current user of the security 
token, based upon a biometric measure of thexurrent user, 

a storage element that stores an erfcryption) of a security key, the encryption) being based 
on a second biometric key of an auth0nzed user, and 

a biometric decrypter, openibly coupled to the biometric sensor and the storage element, 
that decrypts the encryption) or the security key, producing thereby a decrypted security key that 
is equal to the security keywhen the first biometric key is equivalent to the second biometric key. 



2. The security t^ 
an authen^ 
challenge 
key. 



:en of claim 1, fujiheflncluding: 

crypter, operably coupled to the biometric decrypter, that encrypts a 
o produce a response parameter that is based upon the decrypted security 




. The security token of claim 2, further including: 

a token identifier that provides an identification that is associated with the authorized user. 



4. The security token of claim 1, fiarthei/including: 

a token identifier that provides an identification that is associated with the authorized user. 

5. The security token of claim 1, wherein 

the biometric sensor provides the first biometric key based upon a hash of the biometric 
measure of the current user. 



6. The security token of claim 1, wherein 

the second biometmc key is a symmetric key. 
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7. The security token of claim 8, wherein 

the security key is a privately of a set of asymmetric keys that include at least one 
private key and at least one public key. 

8. The security token of claim 1, further including 

a one-time encwpter that produces the encryption) of the security key based upon the 
second biometric key. 
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9. A security system comprising: 

a token that includes: 

a biometric sensor that provides a first biometric key of a current user of the token 
based upon a biometric measure of the current user, 

an encryption) of a security/key, the encryption^' being based upon a second 
biometric key of an authorized user, and / V 

a biometric decrypter that decrypts the encryption) of the security key to produce a 
decrypted security key, such that / 

the decrypted security key is equivalent to the security key when the first 
biometric key is equivalent to the second biometric key, and 

the decrypted security key is an erroneous key when the first biometric key 
is different from the second biometric key; and 

an access device that, when/operably coupled to the token, determines an access status 
based upon the decrypted security Acey. 

10. The security system of claim/9, wherein 

the access status is a verification that the current user is the authorized user. 

11. The security system of clami 9, wherein the access device includes: 

a challenge device tha| provides a challenge parameter to the token, and 
a receiving device tha receives a response parameter from the token based upon the 
challenge parameter and the c ecrypted security key; 

wherein the access status is based upon the response parameter. 

12. The security system of claiimKl /Wherein the token further includes: 



an authentication encrypter 



l£ encrypts the challenge parameter to produce the response 



parameter, the encryption) being bassd upon the decrypted security key. 
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The security system of claim 12, wherein: 

the security key is a first key of a pair of asymmetric keys, and 
the receiving device includes: 

an authentication decrypf er that decrypts the response parameter to produce a 
5 decrypted result, the decryption being qased upon a second key of the pair of asymmetric keys, 
and 

a comparator that compares the decrypted result with the challenge parameter to 
determine the access status. 

10 14. The security system of claim 13/ further including 

a database of authorized user keys from which the second key of the pair of asymmetric 

- 15. The security system of claim 14, wherein 

=45 the token further includ/s a token identifier that provides an identification corresponding 

*! to the authorized user, and / 

the determination of tne second key of the pair of asymmetric keys from the database of 
authorized user keys is based upon the identification corresponding to the authorized user. 

10 16. The security system of /claim 11, wherein the token further includes: 

an encapsulation that obstructs access to components of the token, and 
a means for destroying at least one of the second biometric key and the encryption) of the 
security key when the encapsulation is breached. 



25 17. The security system of claim 11, wherein the access device further includes 

a random number generator to facilitate the determination of the access status based upon 
the decrypted security key. 
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18. A method for determining an access status comprising the^steps of: 

encrypting a security key to produce an encrypted ^ecurity key) based upon a first 
biometric key of an authorized user into a token, / 

determining a second biometric key of a current user of the token based upon a biometric 
measure of the current user, / 

decrypting the encrypted security keyVto produce a decrypted security key based upon the 
second biometric measure, and / 

determining an access status based upon the decrypted security key. 

19. The method of claim 18, further/including the steps of: 

communicating a challenge parameter to the token, and 

determining a response^parameter based upon the challenge parameter and the second 
biometric key; and / 

wherein the step of determining the access status is based upon the response parameter. 



20. The method of claim 19, wherein 

the security key is a first key of a pair of asymmetric keys, 
the step of determining the response parameter includes the step of encrypting the 
challenge parameter based upon the second biometric key, 

the step of determining the access status includes the steps of: 




decrypting the response parameter to produce a decrypted result based upon a 



second key of the pair of asymmetric keys, and 



/ comparing the decrypted result to the challenge parameter to determine the access 

status/ 
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